Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInThe Ill-Fated Emergence of the Bitcoin Balance Sheet
This year MicroStrategy relished in a good problem to have – a half a billion dollars of cash in its bank account and not sure what to do with it. The company could have paid its shareholders a hefty dividend, bought back a truckload of its stock, invested in R&D, financed new acquisitions or pursued […]
As bitcoin soars, so do ransomware attacks. Is it time to ‘stop the madness?’ — bobsullivan.net
Which brings me to Bitcoin and other cryptocurrencies. The vast majority of ransomware gangs demand payment via cryptocurrency, which they favor for its anonymity and the way it enables cross-border payments. Since global law enforcement authorities seem powerless to stop the crypto crime gangs, is it time to stop the crypto? Source: As bitcoin soars, so do […]
California Voters Make CCPA 2.0 a Reality – California Privacy Rights Act Ballot Measure Passes – Lewis Brisbois Bisgaard & Smith LLP
On November 3, 2020, California voters approved Proposition 24, otherwise known as the California Privacy Rights Act (CPRA), a ballot measure that will expand the privacy protections for California residents under the existing California Consumer Privacy Act (CCPA). Effective January 1, 2023, the CPRA significantly amends the CCPA by expanding consumer rights, heightening privacy protections, […]
Ransomware Group Turns to Facebook Ads — Krebs on Security
It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. Source: Ransomware Group Turns to Facebook Ads — Krebs on […]
Cyber Consulting Firms Get Tied Up in Post-Breach Lawsuits
Cybersecurity consultants could be on the hook for data breaches at companies they contract with after two recent court rulings in consumer class actions. Accenture Plc’s U.S. unit in October failed to escape claims made against the consultant in a consumer lawsuit over a hack of Marriott International Inc.’s hotel reservations database. The decision came […]
Law Firms’ Reported Cyberattacks Are ‘Tip Of The Iceberg’
On top of that, there are just too many methods that bad actors can deploy to gain access to a firm’s system or database, said John Reed Stark, a former U.S. Securities and Exchange Commission internet enforcement chief and the president of data breach response and digital compliance firm John Reed Stark Consulting LLC. Just […]
Fragomen, a law firm used by Google, confirms data breach | TechCrunch
Immigration law firm Fragomen, Del Rey, Bernsen & Loewy has confirmed a data breach involving the personal information of current and former Google employees. The New York-based law firm provides companies with employment verification screening services to determine if employees are eligible and authorized to work in the United States. via Fragomen, a law firm […]
Judge Signs Off on $7.75m Equifax Settlement – Infosecurity Magazine
Chief Judge Thomas Thrash of the Northern District of Georgia gave final approval to the $7.75m settlement yesterday during a hearing held via Zoom. Legal fees of $2m were included in the resolution. As part of the agreement, Equifax has committed to investing an additional $25m to enhance data security measures tailored to financial institutions. The investment is […]
Attribution on Election Cyber-Attacks: Don’t Rush to Judgment
When investigating a cyber-attack, just because you have figured out the what, when and how, does not mean you have figured out the who. No doubt that after Election Day 2020, someone somewhere will allege that some form of cyber-attack compromised the results. Though it may be tempting to round up the usual suspects, don’t take the bait. While countries like […]
Attorney General William P. Barr Announces Publication of Cryptocurrency Enforcement Framework | OPA | Department of Justice
“At the FBI, we see first-hand the dangers posed when criminals bend the important technological promise of cryptocurrency to illicit ends,” said FBI Director Christopher Wray. “As this Enforcement Framework describes, we see criminals using cryptocurrency to try to prevent us from ‘following the money’ across a wide range of investigations, as well as to […]
Ransomware Payments can lead to Sanctions and Reporting Obligations for Financial Institutions | The Anticorruption Blog
With cybercrime on the rise, two U.S. Treasury Department components, the Office of Foreign Assets Control (“OFAC”) and the Financial Crimes Enforcement Network (“FinCEN”), issued advisories on one of the most insidious forms of cyberattack – ransomware. via Ransomware Payments can lead to Sanctions and Reporting Obligations for Financial Institutions | The Anticorruption Blog.
Anthem to pay nearly $40 million to settle data breach probe by U.S. states | Reuters
Anthem Inc said on Wednesday it would pay $39.5 million as part of a settlement with U.S. states attorneys general following an investigation into a massive cyber-attack at the company in 2015. The second largest U.S. health insurer said a state sponsored criminal group had perpetrated the attack, adding that it does not believe the […]
Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam — Krebs on Security
Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today In its advisory (PDF), the Treasury’s Office of Foreign Assets Control (OFAC) said “companies that facilitate […]
What’s it really like to negotiate with ransomware gangs? – The Red Tape Chronicles
It can sound strange, but during a recent lecture at Duke University, Ehuan said there were “good” cybercriminals — gangs that have a reputation for keeping those promises. After all, it’s their business. If they were to take the Bitcoin and run, security firms would stop making payments. On the other hand, you can’t trust […]
Panelists Discuss Their “One Big Thing” for Incident Response Forum Europe 2020
Incident Response Forum Europe 2020 panelists offer their “One Big Thing” to take away from this year’s event.